The present invention relates to the field of group transactions and more particularly to secure systems for controlling distributed group transactions.
Adaptive agent systems are information and transaction processing systems especially for use with intelligent agents. The addition of network and computer security can also address a malicious insider threat or network intrusion, and can be used to facilitate electronic commerce and electronic information transactions including tele-education, telecommunication within the work environment, and telemedicine. Adaptive agent sytems and methods are not limited to fixed computing platforms but can be distributed and used on mobile platforms with compute capabilities (for example, mobile robots), as well as on multiple interconnected computers.
A class of tasks in information and transaction processes, both computerized and manual, involves simultaneous or sequential decisions (for example, review of a common information element) by a number of administrators, evaluators, and approvers. The information element is reviewed, then delivered or posted to a requester process. The information element can be any digitized document or electronic computer file, for example: a business form, memorandum, legal document, government form, letter, e-mail, software listing, video file, audio file, image file, and other similar elements. The requester process can include any kind of consensus task, for example: public notarization by multiple parties, review and approval of information prior to dissemination, negotiation of multi-party business contracts, release of software versions, installation of software on network computers, co-writing of documents, merging of multiple disparate or redundant elements, among other consensus tasks.
In a computer network of processers/computers and users, a corrupt system administrator with root (for example, system-high) privileges represents the ultimate insider threat to network integrity. The administrator, with relatively little effort, can access cryptographic keys, obtain sensitive data (for example, credit card numbers and proprietary documents), disable protection mechanisms and security monitors, implement disruptive software without disclosure in audit logs, usurp other super-system-users, mount repudiable attacks on other domains, and perform other subtle actions that compromise the integrity and secrecy of network functions.
An approach often used in the safeguards or security area, involving the use of human actors in protection, is the N-person Rule requiring N participants for the security function. A weakness in this approach, for computerized processes, is that a computer network with multiple administrators sharing root privileges introduces multiple single-points-of-failure in the security process. Furthermore, malicious administrators can collaborate to undermine the network and its users by forming minority and majority coalitions of loyal and corrupt administrators.
A group authentication process is needed to provide security to information transactions and to avoid compromising information through transmission, unauthorized access, or loss of integrity of the contents of the information. The use of multiple agents is needed in transactions to control access over a network.
Computer Information Requests
Neill, U.S. Pat. No. 6,029,201 (2000), describes a communication system for accessing system services on a network of information handling devices, using connection to service access agents with dynamically assigned sockets. A server is adapted to perform a security check on a request before requesting access.
Derby et al., U.S. Pat. No. 5,365,523 (1994), describes a group of access agents at a LAN/WAN interface, or a network-to-network interface, where the group communicates to form and to cooperate as a Multiple Access Group.
Lagarde et al., U.S. Pat. No. 5,745,754 (1998), describes a World Wide Web browser making requests to web servers on a network through URLs to a control program agent.
Security Over Networks
Attacks to computers have been classified into three classes: Class I attacks over network interfaces (for example, via communications ports), Class II attacks to system software, and Class III attacks to system hardware/firmware.
Lee et al., U.S. Pat. No. 6,167,522 (2000), describes a method and apparatus for providing security for a server executing application programs received by the server via a network.
Dunn et al., U.S. Pat. No. 6,169,805 (2001), describes a system and method of operation for providing secure communication on-demand over insecure networks.
Jacobson et al., U.S. Pat. No. 6,044,402 (2000), describes a network connection blocker for monitoring connections between network computers and blocking unwanted connections.
There is a need for distributed group transactions in secure environments.